Debian Security Audit Project

The Debian Security Audit Project is a project which is focused
upon auditing Debian packages for security issues.

In the short time it has been running it has been responsible for
several Debian Security Advisories
proving that this auditing process really works to improve Debian
security. It is hoped more advisories will result from future
work.

By taking a proactive stance in auditing code we can help to ensure
that Debian continues its long history of taking security
seriously.

Audit Scope

The aim of the project is to audit as many of the packages within
the Debian stable release as possible for potential flaws. Important
packages which are contained in the unstable distribution may also be
examined for flaws, decreasing the likelihood of insecure packages
entering the stable release in the first place.

Due to the sheer size of the current Debian release it is
infeasible for a small team to be able to audit all the packages, so
there is a system of prioritizing packages which are more security
sensitive.